This file is indexed.

/usr/sbin/logtail is in logtail 1.3.15.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

#!/usr/bin/perl

# Copyright (C) 2003 Jonathan Middleton <jjm@ixtab.org.uk
# Copyright (C) 2001 Paul Slootman <paul@debian.org>

# This file is part of Logcheck.

# Logcheck is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.

# Logcheck is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.

# You should have received a copy of the GNU General Public License
# along with Logcheck; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

use strict;
use warnings;
# State shared by the rest of the script: the log to read, the file that
# remembers how far it was read, and the log size / final read position.
my ($size, $logfile, $offsetfile);
use Getopt::Std;
my %opts = ();

# Switches: -f LOGFILE, -o OFFSETFILE, -t (test mode).
my ($TEST_MODE) = 0;
getopts("f:o:t", \%opts);

# Whatever getopts leaves in @ARGV takes precedence over -f:
#   one argument   -> LOGFILE (the offset file still comes from -o)
#   two arguments  -> LOGFILE OFFSETFILE
# With any other argument count -f is required.
my $positional = scalar @ARGV;
if ($positional == 1) {
    $logfile    = $ARGV[0];
    $offsetfile = $opts{o};
}
elsif ($positional == 2) {
    $logfile    = $ARGV[0];
    $offsetfile = $ARGV[1];
}
elsif ($opts{f}) {
    $logfile    = $opts{f};
    $offsetfile = $opts{o};
}
else {
    print STDERR "No logfile to read. Use -f [LOGFILE].\n";
    exit 66;
}

# -t: the offset file is left untouched at the end of the run.
$TEST_MODE = 1 if $opts{t};


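# The log must exist and be a regular file; anything else ends the run
# with exit status 66.
if (! -f $logfile) {
    print STDERR "File $logfile cannot be read.\n";
    exit 66;
}
unless ($offsetfile) {
    # No offset file given: keep it next to the log as LOGFILE.offset.
    $offsetfile = $logfile . '.offset';
}

# Three-argument open: the name is taken literally. The two-argument form
# parses mode characters and surrounding whitespace out of the name, so
# the file opened could differ from the one the -f test above approved.
unless (open(LOGFILE, '<', $logfile)) {
    print STDERR "File $logfile cannot be read.\n";
    exit 66;
}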

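# $inode / $offset: inode number and byte position recorded by the last run.
# $ino: inode number of the log that is open now.
my ($inode, $ino, $offset) = (0, 0, 0);

unless (not $offsetfile) {
    # The offset file holds two lines: the inode number, then the offset.
    # A missing or unreadable offset file leaves both values at 0.
    if (open(OFFSET, '<', $offsetfile)) {
        my $inode_line = <OFFSET>;
        my $offset_line;
        if (defined $inode_line) {
            $offset_line = <OFFSET>;
        }
        close OFFSET;

        # Only leading digits are accepted. Anything else in the file is
        # treated as "no previous position" rather than being fed to the
        # numeric comparisons below.
        if (defined $inode_line && $inode_line =~ /\A\s*(\d+)/) {
            $inode = $1;
        }
        if (defined $offset_line && $offset_line =~ /\A\s*(\d+)/) {
            $offset = $1;
        }
    }

    # stat the open handle, not the name: if the log is rotated after the
    # open above, the name would describe a different file than the one
    # being read, and the inode saved for the next run would not match
    # the data printed in this one.
    my @log_stat = stat(*LOGFILE);
    unless (@log_stat) {
        print STDERR "Cannot get $logfile file size.\n";
        exit 65;
    }
    ($ino, $size) = @log_stat[1, 7];

    if ($inode == $ino) {
        exit 0 if $offset == $size; # nothing new since the last run
        if ($offset > $size) {
            # Same file, but shorter than the recorded position. The
            # warning goes to STDOUT, i.e. into the same stream as the
            # log lines, and the log is then read again from the start.
            $offset = 0;
            print "***************\n";
            print "*** WARNING ***: Log file $logfile is smaller than last time checked!\n";
            print "*************** This could indicate tampering.\n";
        }
    }
    # A different inode means a different file: start from the beginning.
    if ($inode != $ino || $offset > $size) {
        $offset = 0;
    }
    seek(LOGFILE, $offset, 0);
}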

# Copy everything from the current position to the end of the log to STDOUT.
while (defined(my $line = <LOGFILE>)) {
    print $line;
}

# The position reached by the read loop is what gets saved as the next
# starting offset.
$size = tell(LOGFILE);
close(LOGFILE);

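# Save inode and end position for the next run, unless -t was given.
unless ($TEST_MODE) {
    # Three-argument open so that $offsetfile is used as a literal name and
    # no mode characters are parsed out of it.
    # NOTE(review): this open truncates its target and follows symbolic
    # links; when logtail runs as root the offset file should live in a
    # directory that only root can write to.
    unless (open(OFFSET, '>', $offsetfile)) {
        print STDERR "File $offsetfile cannot be created. Check your permissions.\n";
        exit 73;
    }
    # Buffered write errors (a full disk, for instance) only surface at
    # print or close. An offset file that was truncated but not rewritten
    # makes the next run print the whole log again, so fail loudly here.
    unless ((print OFFSET "$ino\n$size\n") && close(OFFSET)) {
        print STDERR "File $offsetfile cannot be written: $!\n";
        exit 73;
    }
}
exit 0;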